Microsoft, Facebook, Google, Others Join Forces to Fight Phishing

[Guest]

DMARC, short for Domain-based Message Authentication, Reporting and Compliance, is a new approach to help fight email phishing attacks.

Microsoft, Facebook, Google, Others Join Forces to Fight Phishing : Read more

 

[silver565]

I'm pleased to see this. No more emails about winning "gold dust"!

 

[sseyler]

[citation][nom]silver565[/nom]I'm pleased to see this. No more emails about winning "gold dust"![/citation]

Or about sharing large funds from a Nigerian prince.

 

[danwat1234]

[citation][nom]silver565[/nom]I'm pleased to see this. No more emails about winning "gold dust"!Or about Viagra pills that I don't need.[/citation]
Or about Viagra pills that I don't need.

 

[silver565]

[citation][nom]danwat1234[/nom]Or about Viagra pills that I don't need.[/citation]

Don't forget how you won the lottery

 

[freggo]

If you win the Lottery you do not need Viagra to get a chick.
You just became a dream date.
Loads of money and no marital requests

 

[Kryan]

[citation][nom]danwat1234[/nom]Or about Viagra pills that I don't need.[/citation]
SPEAK FOR YOURSELF! lol

but seriously...pen!s enlargement is a wish ... ./cryyyyy

 

[ithurtswhenipee]

The next thing they should all join forces for is to do away with free email accounts. Make a 1 time registration fee of a nominal amount like $5 or $10. This way the bots that spammers use to create thousands of [name free email provider] email accounts will either rendered useless or the process will be prohibitively expensive. Even if each address is able to send 10 or 15 emails before it gets closed down.

 

[drwho1]

"the senders of emails can provide proof to indicate that their emails are protected by SPF and DKIM and include instructions what to do with the message if the authentication fails. For example, the message can be automatically deleted by the recipient system - or simply be rejected."

This is the part that I'm having trouble with.

What "proof", how efficient this "proof" be?
Can they just add the "proof" anyway?
Are there any limits on this "proofs"?

Or they would simply find an exploit and it would be the same or worse.

Don't get me wrong I agree with everyone here so far....
But I would like to see more details about this.

 

[dormantreign]

Or about that penis enlargement i also don't need.

 

[JOSHSKORN]

But...but..where am I going to get my viagra and vicodin from, now? What bank will I store my money in without my bank of Nigeria?? And What about F#ckBook?? This makes me a sad panda.

/sarcasm

 

[ibboard]

This wouldn't help with spam (despite the picture) or generic scams, just phishing. So we'd still get the Nigerian princes, the "male medicine", the R0lllllex and the rest. The only stuff you wouldn't get is stuff telling you to log in to [insert bank/store/social network].

TBH, this will only be half successful. SPF and DKIM lets them do this stuff already (and worrying only *some* banks do it) if and only if the receiving server checks the records *and* the sender marks a hard fail rather than a soft fail (which says "I don't think it is legit, but don't ditch it just in case"). What it will miss out on is bankofarnerica.com and the like - you can still phish with an almost-but-not-quite-identical domain name (and even have a legitimate SSL certificate for it).

 

[mrmaia]

Instead of new authentication methods, they should invest in educating people about phishing.

Spammers will ALWAYS find a way to work around the filters, but some people will NEVER learn that that £500,000,000 Lottery prize is a scam.

The best way to stop spamming is cutting down its results.

 

[nebun]

it's about time...i am not surprised if these companies were the main ones that started it all....this is google and microsoft we are talking about

 

[hardcore_gamer]

[citation][nom]Kryan[/nom]SPEAK FOR YOURSELF! lolbut seriously...pen!s enlargement is a wish ... ./cryyyyy[/citation]

Use a blade and duct tape .